You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa haproxy

Sigurnosni nedostatak programskog paketa haproxy

by Vlatka Mišić - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-3663-1
May 30, 2018

haproxy vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 18.04 LTS

Summary:

HAProxy could be made to expose sensitive information over the network.

Software Description:
– haproxy: fast and reliable load balancing reverse proxy

Details:

It was discovered that HAProxy incorrectly handled certain resquests.
An attacker could possibly use this to expose sensitive information.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
haproxy                         1.8.8-1ubuntu0.1

In general, a standard system update will make all the necessary
changes.

References:
https://usn.ubuntu.com/usn/usn-3663-1
CVE-2018-11469

Package Information:
https://launchpad.net/ubuntu/+source/haproxy/1.8.8-1ubuntu0.1—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAABCAAGBQJbDsPXAAoJEEW851uECx9p8MgQALH3sNU2clr0BbXyODbRPHde
0iHw0mXjopoe340s+tV2/RcAGtw7q/qYBqOQA0xoABbCpvb99FSipSBuCPies+Q3
NfYG/9wBAwSG464U+AUxA66H5Z3JvPpX6nVxA/adiejg8eqMboavToj/7OugF6Xp
nhVQj1NBNZBruwzJZGnAmiYlWHxPp1C/qcwMAvl9xA13IKs5DykLe8poKwzLMg5V
RfhL9ve9Tg5bKiE6OqumGfrY4l1JRqY49lzx4dWyeauIm2c4TQ6h19nC5uUKSs1w
/kvJ74feKjY6xWYufhgnIIgmpNAI39yexLT+JgFtmkbkyWeLSmYoV/P5xVEnYq8E
APmvqUMBqdG/uR3LZJfRLR+ByQnDwsMkKlT5h3/I2r7KXTqxWDXtbbhGHrQk5xq4
KVbRAhPPSpOmSVXxCfyYpFUirsYvjaaRXGIM7VAnSHJvSP/xlS4T68aFbe81qSu6
sc0ONPmnq8zn9WToMOZBj4xldL8IlxCoJkJFXIjUCwm544veXr38dDyo3wQTCmYm
ueN+CYHGFpypEvKgQpPFdXdrX15RbuF3qL43gpReSD4vWREYsb1sxV8tXSE3tSAs
eMp4uZDHLJ5xZrC19Fwf/PuHafE5Wzpm11R+BLhVBwFO9qr2k+Fp06in32jcbaeb
0HoaUGzoYpmp7Ltu0zdS
=exAW
—–END PGP SIGNATURE—–

AutorVlatka Misic
Cert idNCERT-REF-2018-06-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Vlatka Mišić
Top
More in Preporuke
Sigurnosni nedostatak programskog paketa gifsicle

Otkriven je sigurnosni nedostatak u programskom paketu gifsicle za operacijski sustav Fedora. Otkriveni nedostatak potencijalnim udaljenim napadačima omogućuje izvođenje napada...

Close